General
-
Target
e7d01f403f207aa47e4f2893d7821dc7041bd11a70edb5f7a6c53d534801cf18.bin
-
Size
260KB
-
Sample
241122-11krtazqhz
-
MD5
507afa74729f716ad0095e798f9916ab
-
SHA1
fc9a48dca50845428329a0d01d132a7a43eac9a5
-
SHA256
e7d01f403f207aa47e4f2893d7821dc7041bd11a70edb5f7a6c53d534801cf18
-
SHA512
107d9e294289c6f6a83399790919afa0c1b794c6f121a0dcada52aefb428d845bb042ecc598ba700d6118e4f790f5cf19c1c98f802278b04a8d12133acc85aed
-
SSDEEP
6144:BiNgv2jJryrpLNE/h67jcbyRQKLuikTPm4C4mYGeeCYtxxkIwKUmR:cZmrYyjcbubYTO4ozpkAUw
Static task
static1
Behavioral task
behavioral1
Sample
e7d01f403f207aa47e4f2893d7821dc7041bd11a70edb5f7a6c53d534801cf18.apk
Resource
android-x86-arm-20240910-en
Malware Config
Extracted
xloader_apk
http://91.204.226.54:28899
Targets
-
-
Target
e7d01f403f207aa47e4f2893d7821dc7041bd11a70edb5f7a6c53d534801cf18.bin
-
Size
260KB
-
MD5
507afa74729f716ad0095e798f9916ab
-
SHA1
fc9a48dca50845428329a0d01d132a7a43eac9a5
-
SHA256
e7d01f403f207aa47e4f2893d7821dc7041bd11a70edb5f7a6c53d534801cf18
-
SHA512
107d9e294289c6f6a83399790919afa0c1b794c6f121a0dcada52aefb428d845bb042ecc598ba700d6118e4f790f5cf19c1c98f802278b04a8d12133acc85aed
-
SSDEEP
6144:BiNgv2jJryrpLNE/h67jcbyRQKLuikTPm4C4mYGeeCYtxxkIwKUmR:cZmrYyjcbubYTO4ozpkAUw
-
XLoader payload
-
Xloader_apk family
-
Checks if the Android device is rooted.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
2Suppress Application Icon
1User Evasion
1Virtualization/Sandbox Evasion
1System Checks
1